Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

You can use the email form to spam people #41

Open
MatthewStanciu opened this issue Sep 21, 2022 · 0 comments
Open

You can use the email form to spam people #41

MatthewStanciu opened this issue Sep 21, 2022 · 0 comments
Labels
hacktoberfest

Comments

@MatthewStanciu
Copy link
Member

MatthewStanciu commented Sep 21, 2022
edited
Loading

Related to #40

There are no limits to how many times you can enter someone's email. Anyone can enter any email, and although the person needs to confirm before they're actually added to a list, someone who wants to be a jerk could use the email form to spam someone with 100 "Verify your email" emails.

This website also has no protection from bots, so it's actually really easy for someone to do real damage (and make us hit our email sending limit).

Solution: Keep track of recently-submitted emails and only allow the same email to be inputted every minute or two.
@MatthewStanciu MatthewStanciu changed the title You can use the email feature to spam people You can use the email form to spam people Sep 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
hacktoberfest
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MatthewStanciu